Privacy Policy

Please note – this Privacy Policy applies to our use of your information from
22 July 2014 - 4 May 2017.

British Airways is committed to respecting your privacy and protecting your personal information

We’ve written this Privacy Policy to let you know how we use your personal information. In it, we explain the types of personal information we collect, how we collect it, what we use it for and who we may share your personal information with.

This Privacy Policy is divided into several sections; please click on the relevant section in the detailed policy below for further information or click on 'Show all' if you wish to see the whole policy. We have also created a high level summary of the Privacy Policy, setting out the most important points.

This Privacy Policy comes into effect from 22 July 2014 and replaces our previous Privacy Policy. This Privacy Policy applies to all information we process about you in connection with your relationship with us as a customer or potential customer, including where you have a British Airways Executive Club account with us.

Please contact us if you would like to find out more about any matters to do with this Privacy Policy.

High level policy

What this Privacy Policy covers

This Privacy Policy covers all personal information about you that we collect, use and otherwise process in connection with your relationship with British Airways as a customer or potential customer. By “Personal Information” we mean information about you where you are, or could be, identified, such as your name and contact details, your travel arrangements and purchase history and information about your access to our websites.

When do we collect personal information?

We collect personal information about you whenever you use our services (whether services provided directly by us or by other companies or agents acting on our behalf), when you travel with us, when you use our websites, or when you use our call centres or mobile applications.

What types of personal information do we collect?

We collect personal information about you, about your travel arrangements, about how you use our services and about how you use our websites, call centres and mobile applications. This may include information that you provide to us directly or through companies or agents we work with, as well as information which we collect when you use our services.

What do we use your personal information for?

To provide the travel and other services you have asked us to provide.

To personalise your travel experience.

To communicate with you about the travel and other services you have asked us to provide.

To provide you with marketing and offers from us (where we have your permission to do so).

To improve our services.

For security purposes.

Who do we share your personal information with?

Your personal information may be shared within the group of companies controlled by our parent company, International Consolidated Airlines Group SA (IAG), for the purposes described in this Privacy Policy which includes British Airways Plc, Iberia LAE SA Operadora Unipersonal, British Airways Holidays Limited and Avios Group (AGL) Limited.

In order to facilitate your travel arrangements, we will often need to share your personal information with third parties including other airlines and airport operators, customs and immigration authorities, travel agents involved in making your travel arrangements and our customer loyalty partners, such as when you transfer between airlines or use a hotel to earn Avios. We also share your personal information with third parties who deliver services either to you or to us, such as companies that provide airport assistance or marketing agencies.

We do not sell personal information to third parties, and we only allow third parties outside the British Airways Group to send you marketing information where we have your permission to do so.

How we look after the policy

We will keep this Privacy Policy under review and notify you of any changes by posting the revised policy on ba.com, to take effect as soon as it is posted.

Show allHide allshowhideexpandedcollapsed

Detailed policy

Any personal information processed by British Airways in connection with this Privacy Policy is controlled by British Airways Plc, which is considered the “data controller” under the UK Data Protection Act 1998. Our address is Waterside, PO BOX 365, Harmondsworth, West Drayton UB7 0GB.

This Privacy Policy applies to personal information about you that we collect, use and otherwise process in connection with your relationship with us as a customer or potential customer, including when you travel with us or use our other services, use our websites or mobile apps, service agents or call centres and book to use our services through third parties (such as travel agents and other airlines). However, BA is not responsible for third parties’ use of your information where such use is permitted for their own purposes and you should consult their privacy policies for further information.

If we change this Privacy Policy, we will let you know about the changes by publishing the updated version on our website, ba.com. We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Privacy Policy.

We collect personal information about you when you use our services (whether directly provided by us or by another company or agent), when you travel with us, and when you use our website, call centres or mobile applications, including, for example:

when you book or search for a flight or other products or services on our website.

when you book or search for a flight or other products or services through our other sales channels, such as through a travel agent

if you join the BA Executive Club or other loyalty schemes or customer programmes

when you contact our call centres or service agents

when you travel with us and use airports where we operate

if you use our lounge facilities

if you use our in-flight entertainment and communication services

if you complete a customer survey or provide us with feedback

if you enter a competition or register for a promotion

if you choose to interact with us via social media, such as Facebook or Twitter

In addition, we may receive personal information about you from third parties, such as:

Information about you, such as your name, address, email and other details, your account details, dietary requirements, photographs and other images (including biometric templates so we can recognise you).

Information about your travel arrangements, such as details of your bookings, travel itinerary, details of any additional assistance you require and other information related to your travel with us.

Information about the services we have provided to you in the past, including your previous travel arrangements, such as flights and other bookings, and related matters, such as upgrades, details of missing luggage, etc.

Information about your use of our websites, call centres and mobile applications, including information about which pages you view.

Information about interactions you have with us and our staff (e.g. on social media or on board one of our flights).

When, and why, do we collect ‘sensitive personal data’?

Certain categories of personal information, such as that about race, ethnicity, religion or health, are considered “sensitive personal data” under the UK Data Protection Act 1998. Generally, we try to limit the circumstances where we process sensitive personal data. However, this can occasionally occur because:

you have requested specific medical assistance from us and/or an airport operator, such as the provision of wheelchair assistance or oxygen, or,

you have sought clearance from us to fly with a medical condition or because you are more than 28 weeks pregnant, or,

you have otherwise chosen to provide such information to us (or a third party such as the travel agent through which you made your booking)

In addition, you may have made other requests in connection with making your travel arrangements that may possibly imply or suggest something about you that could be as “sensitive personal data”. For example, if you request a particular type of special meal this may imply or suggest that you hold particular religious beliefs or have a particular medical condition.

By providing any personal information that is, or could be considered to be, “sensitive personal information” you explicitly agree that we may collect, use, share with third parties and transfer outside the European Economic Area this personal information, as described in this Privacy Policy.

If you withdraw your consent, it may mean we will not be able to provide all or parts of the services you have requested from us. Please be aware that in these circumstances you will not be able to cancel or obtain a refund of any fees you have paid.

How do we collect and use geo-location information?

When you use our websites, mobile websites and applications we collect information about your location based on your IP address. An IP address (i.e.an Internet Protocol address) is a numeric code that can act as a unique identifier for your computer or other access device and can be used to indicate the country from which you are accessing the relevant website or application. Knowing the country you are likely to be in enables us to provide more relevant content and do so in an appropriate language. We also use this information to analyse how our website users interact with our websites.

If we have your permission to do so, we may also use the functionality on your mobile device (such as Bluetooth and GPS) and/or information based on Wi-Fi and/or mobile phone mast locations to determine your approximate location so that we may provide you with more relevant content and services. We only do this where you have provided your consent to the use of location data, which may typically be provided (or withdrawn) by adjusting the settings of your mobile device.

If you receive marketing communications from us (perhaps because you requested information or made a booking with us, or you entered a competition or registered for a promotion) you may change your marketing preferences by writing, with your full name, address and other contact details to:

to fulfil your travel arrangements and deliver the services you have asked for

to provide services tailored to your requirements and to treat you more personally

to send you “service” communications, such as an email advising that check in is open

to support other administrative purposes

to provide you with relevant marketing communications

Please see further information on these below.

Travel arrangements

We will use your personal information to fulfil your travel arrangements and to deliver the services you have asked for. This may include processing information about travel arrangements that are not provided by British Airways but which nevertheless form part of your overall journey, such as details of your connecting flights, arrangements at airports and customs and immigration formalities.

When you are travelling with us and using airports at which we operate, we may have the ability to monitor where you are within the airport, for example, based on your having passed through security checks or having presented your boarding pass to gain access to one of our lounges. This information may be used to assist with flight connections and with the prompt and effective boarding of aircraft, as well as to provide a personalised service.

Please also be aware that in some airports where we operate, facial recognition and related biometric technology is used in order to facilitate passenger boarding.

Providing tailored services

We may use your personal information to provide services tailored to your requirements and treat you more personally, for example:

to deliver messages and information that we think is relevant and may be of interest to you, prior to, during, and after your travel with us

to personalise the services, content and offers on our websites and other sales and servicing channels

to personalise and tailor your travel experience

Examples of how we may use your personal information to provide a tailored, improved service may include our cabin crew and other staff being made aware that you are an Executive Club member (including what tier you are in (e.g. Silver or Gold), as well as other aspects of your travel history with us, such as airport disruption that you have previously experienced, lost luggage, upgrades received, etc.

Service communications

Even if you have opted-out of receiving marketing information from us, we may still send you communications about the services you have booked to use, such as your travel itinerary. These communications will help you get the most from the services we provide and may also contain options and offers about the services you will be using.

We may also send you communications about the services you have previously used, for example, where you experienced some form of issue or problem and we wish to contact you about it proactively in order to resolve it.

Customer surveys

We occasionally run customer surveys to understand more about the way people use our services and how we could improve them. Participation in any research is confidential and voluntary, and results are handled in such a way that they do not identify individual respondents, unless you advise us when completing the survey that you wish to be contacted by us. For the purpose of analysing survey data we may combine your answers with other data which we have, but we will do so in a way that does not affect the anonymity of the survey results.

However, in some cases it may help us improve your experience with us in the future if you permit us to record some of the preferences and other information you provide in the survey as part of your customer record. If you are happy for us to do so then please respond accordingly in your survey response (where you have the opportunity to do so).

Administrative purposes

We may use and retain your personal information, including your purchase history, for administrative purposes, which may include for example, accounting and billing, auditing, credit or other payment card verification, anti-fraud screening (including the use of credit reference agency searches and payment card validation checks), immigration and customs control, safety, security, health, administrative and legal purposes and systems testing, maintenance and development.

Marketing

We may use and retain your personal information to provide you with more relevant marketing communications.

The information is used for the following marketing-related purposes:

tailoring our direct marketing communications (e.g. sending you marketing emails) to include offers and content relevant to you. These communications may be tailored to you based on the information that we hold, such as your prior travel history, your date of birth, etc.

We may also combine your web usage data with other information we have about you. By way of some examples, this may include whether you have arrived at our site through a marketing email sent to you, your booking and passenger name data you have entered, your Registered Customer Number or Executive Club Membership (if relevant), or previous web usage data stored by a cookie.

When will we send you marketing communications?

You may receive marketing communications from us if you have you requested information from us or made a booking with us, or if you provided us with your details when you entered a competition or registered for a promotion (and have not expressed a preference not to receive such communications).

You can agree to be sent offers and promotions by registering on this website or becoming a member of the Executive Club, or in the course of making any booking or requesting information. We try to make sure that you do not receive duplicate communications even if you have agreed to receive marketing communications in more than one of those ways.

You will not receive direct marketing communications from companies outside the British Airways Group as a result of giving your details to us, but we do use third parties to send marketing communications on our behalf. If we do ever want to allow a third party to send you direct marketing not related to the British Airways Group, we will seek your permission before sharing your details with them. However, please be aware that we do sometimes send marketing communications that promote a third party’s products and services (for example, those of our business partners) as well as our own.

Please see section on "Phishing" and our Phishing FAQ for information about scam emails claiming to be from British Airways.

How can you change what marketing communications you receive and how you receive them?

If you change your mind about the marketing communications you want to receive from the British Airways Group, you can let us know at any time by contacting us at the address below.

In addition, each marketing communication we send by email will also have an “unsubscribe” option which will allow you to stop you receiving further marketing emails.

Please note that if you tell us that you do not wish to receive further marketing communications, you will still receive “service” communications (as described above) confirming and servicing any bookings you may have with us. If you are an Executive Club Member, we will continue to keep you informed about your membership benefits and other important information relating to the Executive Club.

If you are a registered user of ba.com, you can change your marketing preferences at any time by amending your profile.

In addition to using the ‘unsubscribe’ link in emails, if you receive marketing communications from us because we obtained your details when you made a booking or requested information or when you entered a competition or registered for a promotion, you can tell us at any time that you do not wish to receive these marketing communications by writing, with your full name, address and other contact details to:

Your personal information may be shared within the IAG and British Airways Group, which consists of British Airways Plc and a number of subsidiary companies, including British Airways Holidays Limited and Avios Group (AGL) Limited. We share information with these parties so they can assist us in providing services to you.

We may also disclose your personal information to the following third parties for the purpose described in this Privacy Policy:

airlines and other companies needed to deliver the services you have asked for

our oneworld partner airlines and franchisees

travel agents and other third parties who you book travel through

our partners in the Executive Club and other loyalty schemes and customer programmes that you have joined

third party service providers we are using to provide services that involve data processing

third parties, such as law firms and law courts, in order to enforce or apply any contract with you

third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our customers, staff and assets

if necessary to comply with a legal or regulatory obligation in any jurisdiction, including where that obligation arises as a result of a voluntary act or decision by us (e.g. Our decision to operate to a country or a related decision).

Customs and Immigration Authorities

British Airways and other airlines are required by laws in the USA and other countries to give border control agencies access to booking and travel information. Therefore, any information we hold about you and your travel arrangements may be disclosed to the customs and immigration authorities of any country in your itinerary.

In addition, laws in several countries require British Airways and other airlines to collect passport and associated information for all passengers prior to travel to or from those countries. When required, British Airways will provide this information to the relevant customs and immigration authorities.

What countries will your personal information be sent to?

Your personal information may be sent to and stored by us and third parties in countries outside the country in which you are located and in particular outside the European Economic Area. This occurs in the course of providing your travel arrangements and because our business and the third parties identified in “Who has access to your personal information?” have operations in countries across the world. This may involve sending your data to countries where under their local laws you may have fewer legal rights. However, wherever we store your information we will treat it in accordance with this Privacy Policy.

By continuing to use our services, the website and by providing any personal information, you consent to such transfers, storing and processing of your personal information outside the country in which you are located and outside the European Economic Area, including to countries where under their local laws you may have fewer legal rights.

Legal statement for flights operated by OpenSkies

In accordance with Article L232-6 of French Internal Security Code, please be informed that air carriers may transmit reservation/checking and boarding data collected from their passengers (PNR/API) to the French national public services and competent authorities for the purposes and under conditions as defined in the Decret N°2014-1095 dated 26/09/2014.

We understand how important it is that your information is kept secure. Please visit our security policy to see what steps we take to keep the information you give us secure.

Keep your booking reference confidential

When you make a booking you will be given a booking reference (also known as a PNR or Passenger Name Record). This will appear on the email confirmation or ticket of each person in your booking. You should keep your booking reference confidential at all times.

Giving your booking reference to others may allow them to access your booking details through our system. If you are travelling with others and would not like your individual booking details to be accessible by them, you may prefer to have each person make separate bookings, to be paid for individually.

To make sure your access to our websites, other online services, and mobile applications is secure, you should not share your log in details with anyone else. When you finish using the website, online services or mobile application you should log out if others may be able to access your computer or device. This is especially important if you are using a publicly accessible computer.

Be aware of and protect yourself against Internet fraud and “Phishing”

There is an Internet fraud practice known as "Phishing" which is the illegal gathering of personal information by deception. Unsolicited emails are sent to individuals from lists illegally gathered by a third party, and recipients are asked to enter or reconfirm bank or password details into a 'cloned' or illegal copy website.

For your protection please be aware of the following guidance:

You will only be asked for your card payment details if you wish to change or refund your booking on ba.com. We require this information specifically to debit or credit your card in relation to your booking. Our Customer Relations team might ask for your bank details if they are going to credit your account directly, after you have raised a claim with us.

You will only be asked for your card payment details if you wish to change or refund your booking on ba.com. We require this information specifically to debit or credit your card in relation to your booking.

Legitimate emails from British Airways will contain your booking reference and the email will not have been sent from a web-based mail server such as gmail, hotmail or yahoo.

British Airways will never request money payments through a third party, such as Western Union.

If you have reason to suspect an email claiming to be from British Airways is fraudulent, please forward it to phishing@email.ba.com. We will investigate its authenticity and take appropriate action. Please note that we cannot enter into correspondence over emails sent to this address, and therefore you will not receive a reply.

Please see our Phishing FAQ for information about scam emails claiming to be from British Airways.